Pentagon thwarts spoofed e-mail

Related Links

The Pentagon said today that an attempt to send a virus through its systems last week was thwarted before damage could be caused.

On the morning of Feb. 14, someone "spoofed" the Defense Technology Information Center (DTIC) header, camouflaging the sender's real address to make recipients think the message had come from the Defense Department. The message had a virus attached and was sent through Pentagon computers to two mailing lists.

"Our computers caught the virus and stripped it out," said Terry Davis, manager of the Public Web Program in the Office of the Secretary of Defense. "So what went out was the original text message that was sent in the e-mail, but the virus and the attachment were both stripped."

Davis said he and a few co-workers then went into the system to put safeguards in place to prevent someone else from spoofing a DTIC header. They tested their work off line to ensure its stability before bringing the system back online. When they did that, however, an unforeseen side effect became apparent.

"We didn't realize that the effect of the settings we had changed would leave the subscription list open, giving anyone the ability to post messages to the entire list," Davis said. "And we definitely underestimated how much people like to talk."

In a short time span, dozens of messages were flying around as people inadvertently clicked the "reply all" button to warn of the e-mail problem and sent messages to the entire list, which contains many thousands of people.

"What we want people to know is the system was not hacked, the system was not taken over, and a virus was not sent out," he said. "The only problem that really occurred is the people who replied to the entire list exposed themselves to thousands of other people."

Davis said both problems have been corrected and he personally sent a message of apology to every person on the list.